Configuration problem on 2950 port security sticky behavior

50 pts.
Tags:
Cisco
Firewalls
Forensics
Incident response
Intrusion management
Network security
Networking
Patch management
Project management
VPN
Wireless
Hi, I am trying to put port security on a port, I want it to shutdown if another computer gets plugged into that port. I followed the following steps: I set these options:
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown

Switch#show port-security interface fastEthernet 0/4
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address : 000b.972c.0ea1
Security Violation Count : 0
It doesn't work. any idea what I am doing wrong?
ASKED: January 31, 2006  8:38 AM
UPDATED: December 12, 2013  5:07 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

have you just tried using the network assistant and setting up the port for the mac address of that specific computer. sure you could do it through the IOS command line also. I dont know if the port will turn off but I think it will be unusable to anyone else, but this is only from limited knowledge of your switch and the IOS. hope this helps.

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Sonyfreek
    You need to make the MAC addresses sticky or they will eventually time out of the mac-address-table. To enable sticky MAC addresses, use the following command in interface configuration: switchport port-security mac-address sticky Wayne
    0 pointsBadges:
    report
  • Sonyfreek
    In addition to making the MAC addresses sticky, make sure that you are not automatically re-enabling the interface when a violation occurs. You can check this in enabled mode by typing: show errdisable recovery. Make sure Psecure-Violation is not enabled. If you need to change it by typing the following in global configuration: (no) errdisable recovery cause psecure-violation Wayne
    0 pointsBadges:
    report
  • Patelmanojk
    Dear All, Thanks for your prompt responce.I tried it with another port and found working with following configuration: switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security violation shutdown no errdisable recovery cause psecure-violation errdisable recovery interval 30 Great thanks to Sonyfreek.
    50 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following